[pkg-opensc-commit] [engine-pkcs11] 109/152: Default to using p11-kit-proxy.so if it's available

Eric Dorland eric at moszumanska.debian.org
Mon Oct 19 03:11:22 UTC 2015 

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository engine-pkcs11.

commit d04bccbdb8c0607038be1fa4aa802268ad5c1edd
Author: David Woodhouse <David.Woodhouse at intel.com>
Date:   Fri Dec 12 16:30:40 2014 +0000

    Default to using p11-kit-proxy.so if it's available
    
    In the general case, PKCS#11-aware applications should automatically be
    using the tokens listed in the system's p11-kit configuration, rather than
    needing to be explicitly pointed at a provider module.
    
    We currently just *fail* if no provider is given. Fix that to use the
    p11-kit-proxy.so module from p11-kit if it's detected.
    
    Signed-off-by: David Woodhouse <David.Woodhouse at intel.com>
---
 configure.ac        |  8 ++++++++
 src/engine_pkcs11.c | 11 +++++++++--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index b67256e..5c1efad 100644
--- a/configure.ac
+++ b/configure.ac
@@ -108,6 +108,14 @@ AC_CHECK_HEADERS([ \
 	locale.h getopt.h dlfcn.h utmp.h \
 ])
 
+PKG_CHECK_MODULES(
+	[P11KIT],
+	[p11-kit-1],
+	[proxy_module="`$PKG_CONFIG --variable=proxy_module p11-kit-1`"
+	 AC_DEFINE_UNQUOTED([DEFAULT_PKCS11_MODULE], "${proxy_module}", [p11-kit proxy])],
+	[]
+)
+
 PKG_CHECK_MODULES([LIBP11], [libp11 >= 0.2.5],, [AC_MSG_ERROR([libp11 >= 0.2.5 is required])])
 
 PKG_CHECK_MODULES(
diff --git a/src/engine_pkcs11.c b/src/engine_pkcs11.c
index c1b8fbb..b492903 100644
--- a/src/engine_pkcs11.c
+++ b/src/engine_pkcs11.c
@@ -62,6 +62,7 @@ static char *init_args = NULL;
 
 int set_module(const char *modulename)
 {
+	free (module);
 	module = modulename ? strdup(modulename) : NULL;
 	return 1;
 }
@@ -169,13 +170,19 @@ int pkcs11_finish(ENGINE * engine)
 
 int pkcs11_init(ENGINE * engine)
 {
+	char *mod = module;
+
+#ifdef DEFAULT_PKCS11_MODULE
+	if (!mod)
+		mod = DEFAULT_PKCS11_MODULE;
+#endif
 	if (verbose) {
 		fprintf(stderr, "initializing engine\n");
 	}
 	ctx = PKCS11_CTX_new();
         PKCS11_CTX_init_args(ctx, init_args);
-	if (PKCS11_CTX_load(ctx, module) < 0) {
-		fprintf(stderr, "unable to load module %s\n", module);
+	if (PKCS11_CTX_load(ctx, mod) < 0) {
+		fprintf(stderr, "unable to load module %s\n", mod);
 		return 0;
 	}
 	return 1;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/engine-pkcs11.git

More information about the pkg-opensc-commit mailing list